public static PasswordStrengthLevel GetStrengthLevel(string password)
{
PasswordStrengthLevel strengthLevel = PasswordStrengthLevel.Unmet;
try
{
if (IsValid(password) == true)
{
if (IsStrong(password) == true)
{
strengthLevel = PasswordStrengthLevel.Strong;
}
else if (IsMedium(password) == true)
{
strengthLevel = PasswordStrengthLevel.Medium;
}
else if (IsWeak(password) == true)
{
strengthLevel = PasswordStrengthLevel.Weak;
}
else
{
strengthLevel = PasswordStrengthLevel.Unmet;
}
}
}
catch
{
strengthLevel = PasswordStrengthLevel.Unmet;
}
return(strengthLevel);
}
public void IsNotValid(string password, PasswordStrengthLevel level)
{
// Arrange
var attr = new PasswordStrengthAttribute(level);
// Act
var isValid = attr.IsValid(password);
// Assert
Assert.IsFalse(isValid);
}
private int getMinLengthForLevel(PasswordFamily family, PasswordStrengthLevel level)
{
switch (level)
{ //todo: OGEE - what does this code do?
case PasswordStrengthLevel.Minimum: return(5 - family == PasswordFamily.Text ? 0 : 1);
case PasswordStrengthLevel.BelowNormal: return(6 - family == PasswordFamily.Text ? 0 : 1);
default: return(8 - family == PasswordFamily.Text ? 0 : 2);// Normal
case PasswordStrengthLevel.AboveNormal: return(10 - family == PasswordFamily.Text ? 0 : 3);
case PasswordStrengthLevel.Maximum: return(13 - family == PasswordFamily.Text ? 0 : 4);
}
}
private int getMinScoreForLevel(PasswordFamily family, PasswordStrengthLevel level)
{
switch (level)
{
case PasswordStrengthLevel.Minimum: return(TOP_SCORE_MINIMUM);
case PasswordStrengthLevel.BelowNormal: return(TOP_SCORE_BELOW_NORMAL);
default: return(TOP_SCORE_NORMAL);
case PasswordStrengthLevel.AboveNormal: return(TOP_SCORE_ABOVE_NORMAL);
case PasswordStrengthLevel.Maximum: return(TOP_SCORE_MAXIMUM);
}
}
private int getMaxLengthForLevel(PasswordFamily family, PasswordStrengthLevel level)
{
switch (level)
{
case PasswordStrengthLevel.Minimum: return(5 - (family == PasswordFamily.Text ? 0 : 1));
case PasswordStrengthLevel.BelowNormal: return(6 - (family == PasswordFamily.Text ? 0 : 1));
default: return(8 - (family == PasswordFamily.Text ? 0 : 2));// Normal
case PasswordStrengthLevel.AboveNormal: return(10 - (family == PasswordFamily.Text ? 0 : 3));
case PasswordStrengthLevel.Maximum: return(13 - (family == PasswordFamily.Text ? 0 : 4));
}
}
private static void doPassword(IApplication app, bool pretty, int scoreThreshold, PasswordStrengthLevel strength, string algname)
{
ConsoleUtils.Info("Score Threshold: {0}%".Args(scoreThreshold));
ConsoleUtils.Info("Strength level: {0}".Args(strength));
SecureBuffer password = null;
while (true)
{
Console.WriteLine("Please type-in your password and press <enter>:");
password = ConsoleUtils.ReadPasswordToSecureBuffer('*');
var score = app.SecurityManager.PasswordManager.CalculateStrenghtPercent(PasswordFamily.Text, password);
var pass = score >= scoreThreshold;
Console.WriteLine();
var t = "Password score: {0}% is {1} strong".Args(score, pass ? "sufficiently" : "insufficiently");
if (pass)
{
ConsoleUtils.Info(t);
break;
}
ConsoleUtils.Error(t);
Console.WriteLine();
}
Console.WriteLine();
while (true)
{
Console.WriteLine("Please re-type your password and press <enter>:");
using (var p2 = ConsoleUtils.ReadPasswordToSecureBuffer('*'))
if (password.Content.MemBufferEquals(p2.Content))
{
break;
}
ConsoleUtils.Error("Passwords do not match");
}
Console.WriteLine();
Console.WriteLine();
HashedPassword hashed = null;
if (algname.IsNotNullOrWhiteSpace())
{
var alg = app.SecurityManager.PasswordManager.Algorithms[algname];
if (alg != null)
{
hashed = alg.ComputeHash(PasswordFamily.Text, password);
}
else
{
ConsoleUtils.Error("Specified algorithm not found. Using default...");
}
}
if (hashed == null)
{
hashed = app.SecurityManager.PasswordManager.ComputeHash(
PasswordFamily.Text,
password,
strength);
}
password.Dispose();
var toPrint = JsonWriter.Write(hashed, pretty ? JsonWritingOptions.PrettyPrintASCII : JsonWritingOptions.CompactASCII);
Console.WriteLine("Hashed Password:");
Console.WriteLine();
Console.WriteLine(toPrint);
}
protected virtual IEnumerable <PasswordRepresentation> DoGeneratePassword(PasswordFamily family, PasswordRepresentationType type, PasswordStrengthLevel level)
{
if (family != PasswordFamily.Text && family != PasswordFamily.PIN)
{
yield break;
}
if ((type & PasswordRepresentationType.Text) != 0)
{
if (family == PasswordFamily.Text)
{
int score = 0;
while (true)
{
using (var password = ExternalRandomGenerator.Instance.NextRandomWebSafeSecureBuffer(getMinLengthForLevel(family, level), getMaxLengthForLevel(family, level)))
{
score = CalculateStrenghtScore(family, password);
if (score >= getMinScoreForLevel(family, level))
{
var content = password.Content;
var length = content.Length;
var reprContent = new byte[length];
Array.Copy(content, reprContent, length);
yield return(new PasswordRepresentation(PasswordRepresentationType.Text, "plain/text", reprContent));
break;
}
}
}
}
if (family == PasswordFamily.PIN)
{
var min = getMinLengthForLevel(family, level);
var max = getMaxLengthForLevel(family, level);
var minValue = (int)IntMath.Pow(10, min - 1);
var maxValue = (int)IntMath.Pow(10, max) - 1;
var value = (uint)ExternalRandomGenerator.Instance.NextScaledRandomInteger(minValue, maxValue);
var content = value.ToString();
var reprContent = new byte[content.Length];
for (int i = 0; i < content.Length; i++)
{
reprContent[i] = (byte)content[i];
}
yield return(new PasswordRepresentation(PasswordRepresentationType.Text, "plain/text", reprContent));
}
}
}
protected virtual HashedPassword DoComputeHash(PasswordFamily family, SecureBuffer password, PasswordStrengthLevel level)
{
var algoFamily = m_Algorithms.Where(al => al.Match(family));
if (!algoFamily.Any())
{
throw new SecurityException(GetType().Name + ".DoComputeHash(family!match)");
}
var algs = algoFamily.Where(al => al.StrengthLevel == level);
if (!algs.Any())
{
algs = algoFamily.Where(al => al.StrengthLevel > level).OrderBy(al => al.StrengthLevel);
}
if (!algs.Any())
{
algs = algoFamily;
}
var algo = algs.FirstOrDefault(al => al.IsDefault) ?? algs.First();
return(algo.ComputeHash(family, password));
}
public IEnumerable <PasswordRepresentation> GeneratePassword(PasswordFamily family, PasswordRepresentationType type, PasswordStrengthLevel level = PasswordStrengthLevel.Default)
{
return(DoGeneratePassword(family, type, level == PasswordStrengthLevel.Default ? DefaultStrengthLevel : level));
}
public HashedPassword ComputeHash(PasswordFamily family, SecureBuffer password, PasswordStrengthLevel level = PasswordStrengthLevel.Default)
{
if (password == null)
{
throw new SecurityException(StringConsts.ARGUMENT_ERROR + "DefaultPasswordManager.ComputeHash(password==null)");
}
if (!password.IsSealed)
{
throw new SecurityException(StringConsts.ARGUMENT_ERROR + "DefaultPasswordManager.ComputeHash(!password.IsSealed)");
}
CheckServiceActive();
return(DoComputeHash(family, password, level == PasswordStrengthLevel.Default ? DefaultStrengthLevel : level));
}
public PasswordStrengthAttribute(PasswordStrengthLevel level = PasswordStrengthLevel.Weak)
{
Level = level;
}
